A new improved version of the infamous Ursnif banking Trojan leverages Necurs botnet infrastructure targets Italian companies. The malware primarily targets the financial sector and it was detected first in year 2009. CSE Cybsec ZLab researchers spotted the new campaign to be active from 6th June, it hit’s Italian companies with a malicious Microsoft Word documents and social engineering methods to trick users into enabling macros. Once Ursnif infected into the machine it tries to spread the infection to all other Email address in the contact book and to trick the victims it makes the message to have appeared as a reply in the previous conversation. Email Message and Infection – Ursnif Banking Trojan The Email was written in incorrect Italian language and the documents appeared to be created from an older version of Microsoft Office that asks user’s to enable the macros. The infection starts once the user enabled the macro’s, which launches a malicious script that
Red Securium Company Provide Web Services | Web Development | Software Development | Digital Marketing Service | Video Marketing Service | Video Logo Service & SEO Service. www.redsecurium.org Contact Us - +91 120 429 1672